services: secret-service: Do not generate SSH and Guix key pairs.

The justification about the order of activation snippets given in the
comment had been obsolete since
39e3b4b7ce.

Lately, running the activation snippets for "ssh-keygen -A" and "guix
archive --generate-key" would take a little bit too long, thereby
preventing the childhurd from starting on time.

* gnu/services/virtualization.scm (secret-service-operating-system):
Clear 'generate-host-keys?' and 'generate-substitute-key?'.

gnu/services/virtualization.scm

@@ -946,12 +946,20 @@ can only be accessed by their host.")))
 that will be listening to receive secret keys on port 1004, TCP."
   (operating-system
     (inherit os)
-    ;; Arrange so that the secret service activation snippet shows up before
+    (services
-    ;; the OpenSSH and Guix activation snippets.  That way, we receive OpenSSH
+     ;; Turn off SSH and Guix key generation that normally happens during
-    ;; and Guix keys before the activation snippets try to generate fresh keys
+     ;; activation: that requires entropy and thus takes time during boot, and
-    ;; for nothing.
+     ;; those keys are going to be overwritten by secrets received from the
-    (services (append (operating-system-user-services os)
+     ;; host anyway.
-                      (list (service secret-service-type 1004))))))
+     (cons (service secret-service-type 1004)
+           (modify-services (operating-system-user-services os)
+             (openssh-service-type
+              config => (openssh-configuration
+                         (inherit config)
+                         (generate-host-keys? #f)))
+             (guix-service-type
+              config => (guix-configuration
+                         (generate-substitute-key? #f))))))))
 
 
 ;;;